Missing session_token cookie on authorization #1630

kwalczi16 · 2021-08-06T09:42:18Z

kwalczi16
Aug 6, 2021

We are trying to follow login flow on deployed SPA React application. When submitting the form we get 200 and redirect back to target page, but we don't receive session_token cookie which should be set on successful authorization. We can only see redirect_to and csrf_token cookies.

Steps to reproduce

Send a GET request from a Client to Ory Kratos to get flowId,
Render HTML login form,
Submit filled out form as POST request with credentials and flowId in endpoint query,

Expected behaviour

Authorization should return cookie with session_token.

Environment

Ory Kratos: v0.7.1-alpha.1

Additional context:

kratos.yml

replicaCount: 1

database:
  connectionName: <myconnectionname>
environment:
  name: my-stage-env
ingress:
  dnsName: <my-dns>

kratos:
  config:
    log:
      level: info
    secrets:
      cookie:
        # This is an example; secret must be this length (32 chars).
        - deVuA0F46ZWFh3v4wGPVEQDlVXMbLKzG
      session:
        # Change this to values such as '1s', '1m', etc. to see how Kratos handles invalidating a session.
        lifespan: 1h
    serve:
      public:
        base_url: https://my-backend-url.com/
        cors:
          allowed_origins:
            - http://localhost:5000
            - https://my-frontend-url.com
          allowed_methods:
            - POST
            - GET
            - PUT
            - PATCH
            - DELETE
          allowed_headers:
            - Authorization
            - Cookie
          exposed_headers:
            - Content-Type
            - Set-Cookie
          enabled: true
    selfservice:
      methods:
        password:
          enabled: true

      default_browser_return_url: https://my-frontend-url.com/
      whitelisted_return_urls:
        - http://localhost:5000/
        - https://my-frontend-url.com
      flows:
        login:
          ui_url: https://my-frontend-url.com/login-confirm
          after:
            default_browser_return_url: http://localhost:5000/

Answered by kwalczi16

Aug 9, 2021

We figure out the problem. We've noticed that we have an error on kratos: could not find a strategy to login with while trying to log in. We have added missing attributes to html form tag name="method" value="password" and now we are receiving ory_kratos_session cookie on successful authorization. Issue can be close.

View full answer

kwalczi16 · 2021-08-09T14:52:09Z

kwalczi16
Aug 9, 2021
Author

We figure out the problem. We've noticed that we have an error on kratos: could not find a strategy to login with while trying to log in. We have added missing attributes to html form tag name="method" value="password" and now we are receiving ory_kratos_session cookie on successful authorization. Issue can be close.

1 reply

zepatrik Aug 9, 2021
Maintainer

Nice, thanks for sharing 👍

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Missing session_token cookie on authorization #1630

{{title}}

Replies: 1 comment 1 reply

{{title}}

{{title}}

Select a reply

Missing session_token cookie on authorization #1630

kwalczi16 Aug 6, 2021

Replies: 1 comment · 1 reply

kwalczi16 Aug 9, 2021 Author

zepatrik Aug 9, 2021 Maintainer

kwalczi16
Aug 6, 2021

Replies: 1 comment 1 reply

kwalczi16
Aug 9, 2021
Author

zepatrik Aug 9, 2021
Maintainer